[sudo-users] How to preserve functions in scripts for calling by sudo?
L A Walsh
sudo at tlinx.org
Sat Jun 3 08:57:23 MDT 2017
Todd C. Miller wrote:
> Defaults env_keep += "*"
> Defaults env_keep += "*=()*"
Yeah noticed similar in the version I'm using after
I removed the hardcoded func removal, though it only
> The reason for not preserving bash functions in the environment is
> that it allows a user with sudo permissions to subvert any bash
That it is configurable, now, vs. before when it was
hard-coded to always exclude them, removes my major complaint
about sudo's filtering. I.e. I asked for a way to make
it configurable w/the idea of it being hard-coded being
> Instead of having the functions inherited via the environment I'd
> suggest you include them in the scripts where they are needed.
That's exactly what I'm doing, BUT, the scripts are
non-trivial, and like any non-trivial program one wants to limit
the time & area where one runs as root.
So the script only elevates to root for 4-5 lines in
a 350 line script.
It's in that 'elevation' that I was losing functions
*internal* to the script I was running, which was forcing me
to run scripts having 1 line needing root to have all lines run
as root -- a very bad security trade-off, IMO.
> Alternately, you could push the use of sudo down to the actual
> command where it is needed. In other words, only use sudo for the
> mv or rm commands in your example.
That's what I had in one script until I replaced all
the 'rm' and 'mv' commands with 'safer_rm' and 'safer_mv'.
Conceptually I want the ability to be able to substitute
functions for commands as needed, so I can have "commands"
w/modified functionality in some situations.
I want root to behave the same way as my normal login, as
I want to be able to just use 'sudo' as a means to raise
privilege level when needed. I realize sudo has grown to
allow tons of configurable usages, but as mentioned above,
it was the unilateral disabling of various features w/no way
to re-enable them that was causing me problems.
Most recently I did something (not sure what) that
prevented me from adding a sudo before gvim (it cleared
DISPLAY and REMOTEHOST). It was easy to fix -- simply
except those vars from removal -- but not sure why it
worked before when those vars weren't specifically excepted.
Anyway, the short answer, "now", on preserving funcs
is to use the 'env_keep' w/env_reset -- something that
wasn't possible when those funcs were first removed.
So Thanks for the fix!
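The pattern Todd suggests (keep the functions inside the script and push sudo down to the one command that needs it), as an added example that is not from this thread or from sudo itself: the function text is carried inside the elevated command string instead of the environment, so env_reset can stay on and no env_keep entry for functions is required. The safer_rm/safer_mv bodies, the TRASH_DIR variable and the ELEVATE wrapper are assumptions for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): keep safer_rm/safer_mv as script-
# internal functions and ship their text inside the single elevated
# command, so no bash function has to survive sudo's env_reset.
SAFER_FUNCS='
safer_rm() {
    # Move each argument into TRASH_DIR instead of deleting it.
    for f in "$@"; do
        mv -- "$f" "${TRASH_DIR:-/tmp/trash}/" || return 1
    done
}
safer_mv() {
    # Refuse to clobber an existing destination.
    if [ -e "$2" ]; then echo "safer_mv: $2 exists" >&2; return 1; fi
    mv -- "$1" "$2"
}
'
eval "$SAFER_FUNCS"    # define them for the unprivileged part of the script

# ELEVATE is the privilege-raising command (assumption: sudo); set it to ""
# to run the same code unprivileged, e.g. for testing.
ELEVATE="${ELEVATE-sudo}"

# Run ONE command elevated. The function text travels in the command
# string and TRASH_DIR as an argument, so nothing depends on env_keep.
elevated() {
    # shellcheck disable=SC2086
    $ELEVATE sh -c "$SAFER_FUNCS
TRASH_DIR=\$1; shift; \"\$@\"" elevated-sh "${TRASH_DIR:-/tmp/trash}" "$@"
}

# Demo: a long script calls elevated() only for the few lines that need
# root; everything else stays unprivileged. Returns 0 on success.
demo() {
    TRASH_DIR=$(mktemp -d) || return 1
    work=$(mktemp -d) || return 1
    : > "$work/victim"
    elevated safer_rm "$work/victim" || return 1      # the only root step
    elevated safer_mv "$TRASH_DIR/victim" "$work/victim" || return 1
    [ -e "$work/victim" ] && [ ! -e "$TRASH_DIR/victim" ]
}
```

With ELEVATE left at its default, each elevated() call becomes a plain `sudo sh -c ...` that runs with sudo's reset environment and still sees safer_rm and safer_mv.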